nitrokey.trussed¶

Submodules

Trussed Device Objects¶

class nitrokey.trussed.TrussedBase¶

Base class for Nitrokey devices using the Trussed framework and running the firmware or the bootloader.

abstract close()¶

Return type:: None

abstract reboot()¶

Return type:: bool

abstract uuid()¶

Return type:: Uuid | None

abstract property name: str¶

abstract property path: str¶

abstract property pid: int¶

property vid: int¶

class nitrokey.trussed.TrussedDevice¶

Bases: TrussedBase

__init__(device, fido2_certs)¶

Parameters:

device (CtapHidDevice)
fido2_certs (Sequence[Fido2Certs])

Return type:

None

close()¶

Return type:: None

abstract classmethod from_device(device)¶

Parameters:: device (CtapHidDevice)
Return type:: T

classmethod list()¶

Return type:: list[T]

classmethod open(path)¶

Parameters:: path (str)
Return type:: T | None

reboot()¶

Return type:: bool

uuid()¶

Return type:: Uuid | None

wink()¶

Return type:: None

property path: str¶

class nitrokey.trussed.TrussedBootloader¶

Bases: TrussedBase

abstract update(image, callback=None)¶

Parameters:

image (bytes)
callback (Callable[[int, int], None] | None)

Return type:

None

abstract property variant: Variant¶

Update Container Objects¶

nitrokey.trussed.parse_firmware_image(variant, data, model)¶

Parameters:

variant (Variant)
data (bytes)
model (Model)

Return type:

FirmwareMetadata

class nitrokey.trussed.FirmwareContainer¶

FirmwareContainer(version: nitrokey.trussed._utils.Version, pynitrokey: Optional[nitrokey.trussed._utils.Version], images: Dict[nitrokey.trussed._bootloader.Variant, bytes])

__init__(version, pynitrokey, images)¶

Parameters:

version (Version)
pynitrokey (Version | None)
images (Dict[Variant, bytes])

Return type:

None

classmethod parse(path, model)¶

Parameters:

path (str | BytesIO)
model (Model)

Return type:

FirmwareContainer

images: Dict[Variant, bytes]¶

pynitrokey: Version | None¶

version: Version¶

class nitrokey.trussed.FirmwareMetadata¶

FirmwareMetadata(version: nitrokey.trussed._utils.Version, signed_by: Optional[str] = None, signed_by_nitrokey: bool = False)

__init__(version, signed_by=None, signed_by_nitrokey=False)¶

Parameters:

version (Version)
signed_by (str | None)
signed_by_nitrokey (bool)

Return type:

None

signed_by: str | None = None¶

signed_by_nitrokey: bool = False¶

version: Version¶

class nitrokey.trussed.Variant¶

Bases: Enum

classmethod from_str(s)¶

Parameters:: s (str)
Return type:: Variant

LPC55 = 'lpc55'¶

NRF52 = 'nrf52'¶

Utility Objects¶

class nitrokey.trussed.App¶

Bases: Enum

Vendor-specific CTAPHID commands for Trussed apps.

ADMIN = 114¶

PROVISIONER = 113¶

SECRETS = 112¶

class nitrokey.trussed.Fido2Certs¶

Fido2Certs(start: nitrokey.trussed._utils.Version, hashes: list[str])

__init__(start, hashes)¶

Parameters:

start (Version)
hashes (list[str])

Return type:

None

static get(certs, version)¶

Parameters:

certs (Sequence[Fido2Certs])
version (Version)

Return type:

Fido2Certs | None

hashes: list[str]¶

start: Version¶

class nitrokey.trussed.Model¶

Bases: Enum

classmethod from_str(s)¶

Parameters:: s (str)
Return type:: Model

NK3 = 'Nitrokey 3'¶

NKPK = 'Nitrokey Passkey'¶

property firmware_pattern: Pattern[str]¶

property firmware_repository: Repository¶

class nitrokey.trussed.Uuid¶

UUID of a Nitrokey Trussed device.

__init__(value)¶

Parameters:: value (int)
Return type:: None

value: int¶

class nitrokey.trussed.Version¶

The version of a Nitrokey Trussed device, following Semantic Versioning 2.0.0.

Some sources for version information, namely the version returned by older devices and the firmware binaries, do not contain the pre-release component. These instances are marked with complete=False. This flag affects comparison: The pre-release version is only taken into account if both version instances are complete.

>>> Version(1, 0, 0)
Version(major=1, minor=0, patch=0, pre=None, build=None)
>>> Version.from_str("1.0.0")
Version(major=1, minor=0, patch=0, pre=None, build=None)
>>> Version.from_v_str("v1.0.0")
Version(major=1, minor=0, patch=0, pre=None, build=None)
>>> Version(1, 0, 0, "rc.1")
Version(major=1, minor=0, patch=0, pre='rc.1', build=None)
>>> Version.from_str("1.0.0-rc.1")
Version(major=1, minor=0, patch=0, pre='rc.1', build=None)
>>> Version.from_v_str("v1.0.0-rc.1")
Version(major=1, minor=0, patch=0, pre='rc.1', build=None)
>>> Version.from_v_str("v1.0.0-rc.1+git")
Version(major=1, minor=0, patch=0, pre='rc.1', build='git')

__init__(major, minor, patch, pre=None, build=None, complete=False)¶

Parameters:

major (int)
minor (int)
patch (int)
pre (str | None)
build (str | None)
complete (bool)

Return type:

None

core()¶

Returns the core part of this version, i. e. the version without the pre-release and build components.

>>> Version(1, 0, 0).core()
Version(major=1, minor=0, patch=0, pre=None, build=None)
>>> Version(1, 0, 0, "rc.1").core()
Version(major=1, minor=0, patch=0, pre=None, build=None)
>>> Version(1, 0, 0, "rc.1", "git").core()
Version(major=1, minor=0, patch=0, pre=None, build=None)

Return type:: Version

classmethod from_int(version)¶

Parameters:: version (int)
Return type:: Version

classmethod from_str(s)¶

Parameters:: s (str)
Return type:: Version

classmethod from_v_str(s)¶

Parameters:: s (str)
Return type:: Version

build: str | None = None¶

complete: bool = False¶

major: int¶

minor: int¶

patch: int¶

pre: str | None = None¶

Trussed Exceptions¶

class nitrokey.trussed.TrussedException¶: Bases: Exception

class nitrokey.trussed.TimeoutException¶

Bases: TrussedException

__init__()¶

Return type:: None